Description
A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/46569
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0612
Scores
CVSS v3
5.3
EPSS
0.1398
EPSS Percentile
94.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
Status
published
Products (1)
microsoft/edge
Published
Apr 08, 2019
Tracked Since
Feb 18, 2026